| Citation: | Tang Shujun, Li Xiaojian, Tu Shouzhong, et al. Description language oriented to attack tree model[J]. Journal of Beijing University of Aeronautics and Astronautics, 2007, 33(12): 1486-1490. (in Chinese)
|
A main problem of recent researches on network security simulation is the lack of methods to model attack and uniform description. Hence computer network attack description language(CNADL) was presented, with attack tree adopted to model attacks and describe purpose, characteristic and process of attack. Attack tree was used to model attacks and then transformed to automata model. CNADL, which was attack tree model oriented and designed in context-free grammar, described the goal, means and process of different attacks in uniform format. The interpreter translated CNADL into corresponding orders and sent them to attack drilling system. Based on GTNetS simulator, the attack drilling system tested the validity of CNADL. The experimental results show that CNADL is able to describe attack characteristics efficiently, and simulate denial of service(DoS), worm password attack and IP spoof based on GTNetS.
|
[1] Ye N, Hosmer C, Giordano J, et al. Critical information infrastructure protection through process modeling and model-based information fusion [J]. Proceedings of the Information Survivability Workshop, 1998 [2] 李肖坚. 一种计算机网络自组织的协同对抗模型[J].计算机研究与发展, 2005,42:618-628 Li Xiaojian. A self-organized model of coordinated computer network operation[J]. Journal of Computer Research and Development, 2005,42:618-628(in Chinese) [3] Schneier B. Attack trees[J]. Dr. Dobb-s Journal of Software Tools, 1999,12(24): 21-29 [4] Cohen F B. Simulating cyber attacks, defenses, and consequences[J]. Computers and Sevurity,1999,18(6):479-518 [5] Chi S D, Park J S, Jung K C, et al. Network security modeling and cyber attack simulation methodology Vijay Varadharajan. Australasian Conference on Information Security and Privacy(ACISP). London: Springer-Verlag ,2001: 320-333 [6] Park E K, Yun J B, In H P. Simulating cyber-intrusion using ordered UML model-based scenarios Lecture Notes in Artificial Intelligence(Subseries of Lectwe Notes in Computer Science). London: Springer, 2005 : 643-651 [7] Vigna G, Eckmann S T, Kemmerer R A. Attack languages[J]. Proceedings of the IEEE Information Survivability Workshop (ISW 2000), 2000:163-166 [8] Eckmann S T,Vigna G, Kemmerer R. STATL:An attack language for state-based intrusion detection[J]. Journal of Computer Security, 2002,10:71-104 [9] Cuppens F, Ortalo R. LAMBDA: A language to model a database for detection of attacks[J]. Recent Advances in Intrusion Detection (RAID 2000), 2000, 1907: 197-216 [10] Ce dric M, Ludovic M. ADele: An attack description language for knowledge-based intrusion detection Proc of the 16th Int-l Conf on Information Security. Dordrecht,Holland:Kluwer,2001:353-368 [11] Kotenko I, Man’kov E. Experiments with simulation of attacks against computer networks[J]. Computer Network Security, 2003, 2776:183–194 [12] Joint Chiefs of Staff. Joint Publication 3-13 . US: Department of Defense Dictionary of Military and Associated Terms, 2006
|
Copyright © Journal of Beijing University of Aeronautics and Astronautics
Address: Editorial Department of Journal of Beijing University of Aeronautics and Astronautics, 37 Xueyuan Road, Haidian District, Beijing Post Code: 100191 Email: jbuaa@cqjj8.com
Supported by:
Beijing Renhe Information Technology Co., Ltd.
DownLoad: